Intrusion Detection for Industrial Control Systems by Machine Learning using Privileged Information

Pordelkhaki, Moojan and Fouad, Shereen and Josephs, Mark (2021) Intrusion Detection for Industrial Control Systems by Machine Learning using Privileged Information. In: 19th Annual IEEE International Conference on Intelligence and Security Informatics (ISI), 02-03 Nov 2021, San Antonio, Texas, USA. (In Press)

[img] Text
Cyber_Anomaly_Detection_in_SWaT_Using_Auxiliary_Data_for_IEEE_ISI_2021_CameraReady_.pdf - Accepted Version
Restricted to Repository staff only

Download (1MB) | Request a copy

Abstract

The continuous operation of an industrial process, such as water treatment or power generation, is governed by an Industrial Control System (ICS). Cyber attacks on industrial networks are of growing concern because of the disruption they can cause, leading to loss of revenue, and the possibility of harm to workers, plant and surroundings. Operators therefore need a Network Intrusion Detection System (NIDS) to analyse industrial network traffic in real time for adversarial behaviour. Machine Learning (ML) is applicable to the problem of network intrusion detection. This paper investigates the possibility of training an ML-based NIDS for an ICS (specifically, the well-known Secure Water Treatment testbed) by combining network traffic data and physical process data. In the supplied dataset, data had already been labelled “according to normal and abnormal behaviours”; the labelling of data collected around the start and end of each attack was scrutinized and, where found to be problematic, labelled data were excluded in order to improve the effectiveness of supervised learning. The ML technique of “Learning using Privileged Information” was evaluated and found to be superior to six baseline ML algorithms trained on network traffic data alone.

Item Type: Conference or Workshop Item (Paper)
Dates:
DateEvent
8 October 2021Accepted
Uncontrolled Keywords: Network Intrusion Detection System, Industrial Control System, Machine Learning, Learning using Privileged Information
Subjects: CAH10 - engineering and technology > CAH10-01 - engineering > CAH10-01-09 - chemical, process and energy engineering
CAH11 - computing > CAH11-01 - computing > CAH11-01-05 - artificial intelligence
Divisions: Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology
Depositing User: Mark Josephs
Date Deposited: 21 Oct 2021 09:57
Last Modified: 21 Oct 2021 09:57
URI: http://www.open-access.bcu.ac.uk/id/eprint/12318

Actions (login required)

View Item View Item

Research

In this section...